iptables

package

v0.13.0 Latest Latest Go to latest Published: Feb 12, 2021 License: Apache-2.0 Imports: 10 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/vmware-tanzu/antrea

Links

Open Source Insights

Documentation ¶

Rendered for

Index ¶

Constants
func Lock(lockFilePath string, timeout time.Duration) (func() error, error)
func MakeChainLine(chain string) string
type Client
- func New(enableIPV4, enableIPV6 bool) (*Client, error)

Constants ¶

View Source

const (
	NATTable    = "nat"
	FilterTable = "filter"
	MangleTable = "mangle"
	RawTable    = "raw"

	AcceptTarget     = "ACCEPT"
	MasqueradeTarget = "MASQUERADE"
	MarkTarget       = "MARK"
	ConnTrackTarget  = "CT"
	NoTrackTarget    = "NOTRACK"

	PreRoutingChain  = "PREROUTING"
	ForwardChain     = "FORWARD"
	PostRoutingChain = "POSTROUTING"
	OutputChain      = "OUTPUT"
)

View Source

const (
	XtablesLockFilePath = "/var/run/xtables.lock"
)

Variables ¶

This section is empty.

Functions ¶

func Lock ¶ added in v0.10.2

func Lock(lockFilePath string, timeout time.Duration) (func() error, error)

Lock acquires the provided file lock. It's thread-safe. It will block until the lock is acquired or the timeout is reached.

func MakeChainLine ¶

func MakeChainLine(chain string) string

Types ¶

type Client ¶

type Client struct {
	// contains filtered or unexported fields
}

func New ¶

func New(enableIPV4, enableIPV6 bool) (*Client, error)

func (*Client) ChainExists ¶ added in v0.13.0

func (c *Client) ChainExists(table string, chain string) (bool, error)

ChainExists checks if a chain already exists in a table

func (*Client) DeleteChain ¶ added in v0.13.0

func (c *Client) DeleteChain(table string, chain string) error

DeleteChain deletes all rules from a chain in a table and then delete the chain

func (*Client) DeleteRule ¶ added in v0.13.0

func (c *Client) DeleteRule(table string, chain string, ruleSpec []string) error

DeleteRule checks if target rule already exists, deletes the rule if found.

func (*Client) EnsureChain ¶

func (c *Client) EnsureChain(table string, chain string) error

EnsureChain checks if target chain already exists, creates it if not.

func (*Client) EnsureRule ¶

func (c *Client) EnsureRule(table string, chain string, ruleSpec []string) error

EnsureRule checks if target rule already exists, appends it if not.

func (*Client) ListRules ¶ added in v0.13.0

func (c *Client) ListRules(table string, chain string) ([]string, error)

ListRules lists all rules from a chain in a table

func (*Client) Restore ¶

func (c *Client) Restore(data []byte, flush bool, useIPv6 bool) error

Restore calls iptable-restore to restore iptables with the provided content. If flush is true, all previous contents of the respective tables will be flushed. Otherwise only involved chains will be flushed. Restore supports "ip6tables-restore" for IPv6.

func (*Client) Save ¶ added in v0.7.0

func (c *Client) Save() ([]byte, error)

Save calls iptables-saves to dump chains and tables in iptables.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL